def test_OktaOpenVPNValidator_run(self):
cfg = {
'okta_url': self.okta_url,
'okta_token': self.okta_token,
}
tmp = tempfile.NamedTemporaryFile()
env = MockEnviron({
'common_name': self.config['username'],
'password': self.config['password'],
'auth_control_file': tmp.name,
'assert_pin': self.herokuapp_dot_com_pin,
})
validator = OktaOpenVPNValidator()
validator.site_config = cfg
validator.env = env
validator.run()
self.assertTrue(validator.user_valid)
tmp.file.seek(0)
rv = tmp.file.read()
self.assertEquals(rv, '1')
last_error = self.okta_log_messages['info'][-1:][0]
self.assertIn('is now authenticated with MFA via Okta API', last_error)
def test_OktaOpenVPNValidator_run(self):
cfg = {
'okta_url': self.okta_url,
'okta_token': self.okta_token,
}
tmp = tempfile.NamedTemporaryFile()
env = MockEnviron({
'common_name': self.config['username'],
'password': self.config['password'],
'auth_control_file': tmp.name,
'assert_pin': self.herokuapp_dot_com_pin,
})
validator = OktaOpenVPNValidator()
validator.site_config = cfg
validator.env = env
validator.run()
self.assertTrue(validator.user_valid)
tmp.file.seek(0)
rv = tmp.file.read()
self.assertEquals(rv, '1')
last_error = self.okta_log_messages['info'][-1:][0]
self.assertIn('is now authenticated with MFA via Okta API', last_error)
def test_connect_to_unintended_server_writes_0_to_control_file(self):
cfg = self.config
cfg['okta_url'] = 'https://example.com'
tmp = tempfile.NamedTemporaryFile()
env = MockEnviron({
'common_name': self.config['username'],
'password': self.config['password'],
'auth_control_file': tmp.name,
})
validator = OktaOpenVPNValidator()
validator.site_config = cfg
validator.env = env
validator.run()
self.assertFalse(validator.user_valid)
tmp.file.seek(0)
rv = tmp.file.read()
self.assertEquals(rv, '0')
def test_connect_to_unintended_server_writes_0_to_control_file(self):
cfg = self.config
cfg['okta_url'] = 'https://example.com'
tmp = tempfile.NamedTemporaryFile()
env = MockEnviron({
'common_name': self.config['username'],
'password': self.config['password'],
'auth_control_file': tmp.name,
})
validator = OktaOpenVPNValidator()
validator.site_config = cfg
validator.env = env
validator.run()
self.assertFalse(validator.user_valid)
tmp.file.seek(0)
rv = tmp.file.read()
self.assertEquals(rv, '0')
def test_OktaOpenVPNValidator_run(self):
cfg = {"okta_url": self.okta_url, "okta_token": self.okta_token}
tmp = tempfile.NamedTemporaryFile()
env = MockEnviron(
{
"common_name": self.config["username"],
"password": self.config["password"],
"auth_control_file": tmp.name,
"assert_pin": self.herokuapp_dot_com_pin,
}
)
validator = OktaOpenVPNValidator()
validator.site_config = cfg
validator.env = env
validator.run()
self.assertTrue(validator.user_valid)
tmp.file.seek(0)
rv = tmp.file.read()
self.assertEquals(rv, "1")
last_error = self.okta_log_messages["info"][-1:][0]
self.assertIn("is now authenticated with MFA via Okta API", last_error)
